Why did shell timeout was not considered as common Critera EAL4 Configuration in Red Hat Enterprise Linux 6.2?

Solution Unverified - Updated -

Issue

  • Building servers based on the Common Criteria EAL4 configuration from cc-eal4-config-rhel62-0.33-1.el6_2.noarch.rpm.
  • Part of this configuration updates /etc/profile to run screen at the end of it's execution.
  • For init-scripts that run su - as part of there start-up, this results in a shell prompt on the console during startup.
  • Also it appears that screen is being used as a terminal lock for inactivity, why using a shell timeout by setting the TMOUT environment variable wasn't considered for making it readonly?
  • Was the shell timeout considered alongside the screen option and if so what were the reasons for selecting screen over the shell timeout?

Environment

  • Red Hat Enterprise Linux 6.2
  • cc-eal4-config-rhel62-0.33-1.el6_2.noarch.rpm.

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content